cve-2021-46760
Vulnerability from cvelistv5
Published
2023-05-09 19:01
Modified
2024-08-04 05:17
Severity ?
Summary
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive information or achieving code execution.
References
psirt@amd.comhttps://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001Vendor Advisory
Impacted products
AMD3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT
AMDRyzen™ Threadripper™ PRO Processors “Castle Peak” WS
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:17:42.578Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "3rd Gen AMD Ryzen\u2122 Threadripper\u2122 Processors \u201cCastle Peak\u201d HEDT",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 Threadripper\u2122 PRO Processors \u201cCastle Peak\u201d WS",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various "
            }
          ]
        }
      ],
      "datePublic": "2023-05-09T16:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A malicious or compromised UApp or ABL can send\na malformed system call to the bootloader, which may result in an out-of-bounds\nmemory access that may potentially lead to an attacker leaking sensitive\ninformation or achieving code execution.\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "A malicious or compromised UApp or ABL can send\na malformed system call to the bootloader, which may result in an out-of-bounds\nmemory access that may potentially lead to an attacker leaking sensitive\ninformation or achieving code execution.\n\n\n\n\n"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-09T19:01:05.377Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001"
        }
      ],
      "source": {
        "advisory": "AMD-SB-4001",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-46760",
    "datePublished": "2023-05-09T19:01:05.377Z",
    "dateReserved": "2022-03-31T16:50:27.869Z",
    "dateUpdated": "2024-08-04T05:17:42.578Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-46760\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2023-05-09T20:15:12.283\",\"lastModified\":\"2023-05-22T15:40:00.550\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A malicious or compromised UApp or ABL can send\\na malformed system call to the bootloader, which may result in an out-of-bounds\\nmemory access that may potentially lead to an attacker leaking sensitive\\ninformation or achieving code execution.\\n\\n\\n\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3945wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C78A967-F746-4878-920A-464568277C81\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBDB6866-7C3D-4EB2-B000-F166585F4AA8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3955wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"406E8509-18D0-4A8D-AB14-E2D8627B2E32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C59F960F-D975-4CFF-96F1-E15C1A1A89C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3960x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53E14647-F625-4801-B884-1024CFCF7A05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB68A0C0-E575-4AA0-A312-8B1933085C19\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3970x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C274FF4-0DFF-42FF-B308-77042E558337\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB67C763-72E9-4E0D-873A-04220C3583C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3975wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12D08409-5FC5-483A-8E2A-CFF2F82170ED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AAD377-B60E-4EF5-BE1F-944B19CAA02A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3990x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AE0FEBA-4C22-4DFC-8570-B4245431F266\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E682064-7B94-46F1-A906-20482941B80D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3995wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6A50495-C80D-4A9E-8332-DDB1D9A50827\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DAA0D7A-E918-419D-BC89-65AA9E136C30\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3945wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1656388D-7294-4C23-A7AA-DE3698B6049F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBDB6866-7C3D-4EB2-B000-F166585F4AA8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3955wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6ABD246-26BB-4A8E-BA08-67591E715F38\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C59F960F-D975-4CFF-96F1-E15C1A1A89C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3960x_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6A1905-D30E-41C3-84DB-C05BE70C110C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB68A0C0-E575-4AA0-A312-8B1933085C19\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3970x_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24C15B2E-9D61-44C9-876D-0EBB7B438561\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB67C763-72E9-4E0D-873A-04220C3583C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3975wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BED390E-AA1E-424C-8D13-61D661418855\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AAD377-B60E-4EF5-BE1F-944B19CAA02A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3990x_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B40AD74-67EC-4258-9073-8AFFDE743D49\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E682064-7B94-46F1-A906-20482941B80D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3995wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4383AF2-38C5-4225-B058-651979423864\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DAA0D7A-E918-419D-BC89-65AA9E136C30\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3945wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8694294-9D25-4435-AD3E-0135141493B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBDB6866-7C3D-4EB2-B000-F166585F4AA8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3955wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2559307C-99A8-41D0-B13F-81EF3025857D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C59F960F-D975-4CFF-96F1-E15C1A1A89C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3960x_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A0295EE-CCDA-4B90-8CF2-020A90A77FF4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB68A0C0-E575-4AA0-A312-8B1933085C19\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3970x_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58FD7B3B-76E4-4EA1-8567-4699B600B541\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB67C763-72E9-4E0D-873A-04220C3583C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3975wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC69F750-D3C5-455A-AE8C-2AC089C18376\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AAD377-B60E-4EF5-BE1F-944B19CAA02A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3990x_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C9F0F99-6AF5-46C4-A822-38DFE2FAD0B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E682064-7B94-46F1-A906-20482941B80D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_3995wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86F7CA80-CDA0-4391-A9C1-0DEF31B08320\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DAA0D7A-E918-419D-BC89-65AA9E136C30\"}]}]}],\"references\":[{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001\",\"source\":\"psirt@amd.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.